Health Information Exchange Featured Article

CDW Study: Data Loss Biggest Concern of IT Healthcare Professionals

Data breaches are becoming more and more prevalent in all industries, but none with the potentially dire consequences as in the healthcare field, where confidential personal information, including Social Security numbers, are often stored on health records.

A new survey by CDW has found that one in four organizations has experienced a data loss in the last two years and many reported breaches “jeopardizing their e-mail, network or other sensitive information,” according to CDW.

The CDW Data Loss Straw Poll discovered that, of 654 IT professionals from business, financial services, healthcare and higher education, data loss was a huge concern for over half the respondents.

The total sample size “equated to a margin of error of ±3.8 percent at a 95 percent confidence level,” according to the survey, which means that if the survey were conducted 100 times, the percentage who say it’s troubling would range between 47 and 53 percent most (95 percent) of the time.

IT professionals say data loss is their number one cybersecurity threat, the CDW study reported, and personally identifiable data is the top target of cyber attacks. Organizations also responded that significant increases in the number of people and devices accessing their network made them more susceptible to data loss.

One IT professional in financial services told CDW, “Security is harder every day due to the ease with which personal information is gained.” Two-thirds of organizations said employee-owned devices have access to their networks, but fewer have adequate security policies.

Others cited the causes of potential breaches as “phishing” attacks, this increased use of mobile devices, and malware. An IT professional in a healthcare provider organization noted its most feared consequence of loss of data, “a breach in our system causing millions of members’ information to be displayed.”

And it’s happened. In New York the medical and personal records of almost 2,000 patients, vendors, contractors and staff were breached when magnetic data tapes were stolen in February. Then it was a stolen laptop from a major healthcare provider in northern California that compromised the health records and personal information of more than four million patients.

In South Carolina, a worker transferred the records of over 200,000 patients into his personal e-mail. And in Utah, a weak password resulted in Eastern European hackers reaching deep into Utah’s Medicaid population for the same information.